Vulnerabilities > CVE-2002-2219 - Unspecified vulnerability in Chetcpasswd 2.1

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

chetcpasswd

exploit available

NVD

Published: 2002-12-31

Updated: 2017-07-29

Summary

chetcpasswd.cgi in Pedro Lineu Orso chetcpasswd before 2.1 allows remote attackers to read the last line of the shadow file via a long user (userid) field.

Vulnerable Configurations

Part	Description	Count
Application	Chetcpasswd Chetcpasswd Chetcpasswd 2.1	1

Exploit-Db

description	CHETCPASSWD 1.12 Shadow File Disclosure Vulnerability. CVE-2002-2219 . Webapps exploit for cgi platform
id	EDB-ID:22111
last seen	2016-02-02
modified	2002-12-22
published	2002-12-22
reporter	Victor Pereira
source	https://www.exploit-db.com/download/22111/
title	CHETCPASSWD 1.12 Shadow File Disclosure Vulnerability

References

http://securitytracker.com/id?1005847
http://sourceforge.net/project/shownotes.php?group_id=68912&release_id=466649
http://www.securiteam.com/unixfocus/6C00N0K6AO.html
http://www.securityfocus.com/bid/6472
https://exchange.xforce.ibmcloud.com/vulnerabilities/10946